Peck Privacy Policy

Effective date: 4 May 2026

Peck ("the App") is a personal meal-tracking and nutrition app developed by Kelvin Harron ("we", "us", "our"). The data controller is Kelvin Harron, contactable at kelvinharron+peckapp@gmail.com. We believe your health data is yours. This policy explains what data the App collects, how it is used, and the choices you have.

At a glance: the App does not require an account, does not link any data to your name or date of birth, does not track your behaviour across other apps or websites, and does not share data with advertisers or data brokers. You are only ever represented to third-party services as an anonymous, randomly generated identifier.

1. Data That Stays on Your Device

The vast majority of your data never leaves your device. The following is stored locally in a private database and file storage accessible only to the App:

Profile information - name, gender, date of birth, height, weight, activity level, and fitness goal
Meal records - food items, nutritional values, notes, and timestamps
Meal and progress photos - stored in the App's private documents directory
Nutrition plans - daily calorie and macro targets
Check-in data - daily weight and step entries, weekly body measurements and progress photos
App preferences - theme, notification settings, analytics opt-out

Your name and date of birth are used only on your device, for personalised greetings and for calculating nutrition targets. They are never transmitted to us or to any third-party service.

There is no cloud sync, no account system, and no login. Your data lives on your device and is not backed up to our servers because we do not operate any servers.

2. Identifiers

The App does not use the Apple Advertising Identifier (IDFA) and does not present an App Tracking Transparency prompt because it does not track you. Where third-party services need to distinguish one installation from another, the following anonymous identifiers are used:

Analytics identifier - a random identifier generated by the analytics SDK on first launch. Not linked to your name, email, date of birth, or any other identifying information.
Crash reporting identifier - a random installation identifier used to group crash reports.
Subscription identifier - a random app-level identifier used by RevenueCat to associate your device with your subscription entitlement.

None of these identifiers are shared between services, and none can be linked back to you as a person.

3. Data Shared with Third-Party Services

The following services receive data only when triggered by your direct action in the App. No data is sent in the background, and no personal or identifying information accompanies these requests.

Google Gemini, via Firebase AI Logic Optional

The App's AI features (text and photo nutrition estimation, weekly insights) are powered by Google's Gemini models, accessed through Firebase AI Logic. Data is sent only when you explicitly trigger one of these features:

Meal descriptions or photos you submit for nutrition estimation
Aggregated nutrition statistics, weight trends, step counts, goal type, and activity level when you request a weekly insight

These requests do not include your name, date of birth, email, or any other personally identifying information. The App does not send any of this data automatically or in the background. Requests are processed by Google under the Google Privacy Policy and by Firebase under the Firebase Privacy and Security documentation. AI features are optional and the App remains fully usable without them.

AI content is not medical advice. Nutrition estimates and weekly insights are generated by an AI model and may be inaccurate or incomplete. They are intended as a guide only and should not be relied on for medical, dietary, or clinical decisions. Always consult a qualified professional for health advice.

Open Food Facts

When you search for a food item or scan a barcode, the App queries the Open Food Facts public API. The data sent is limited to:

Your search query text
Scanned barcode numbers

No personal or identifying information is included in these requests.

Apple Health / Health Connect

With your explicit permission, the App can read and write health data via Apple HealthKit (iOS) or Health Connect (Android):

Read: weight, steps, active energy burned, and nutrition data
Write: nutrition data and weight entries from your meals and check-ins

This data is exchanged directly with the operating system's health platform on your device. You can revoke these permissions at any time in your device's Health settings.

HealthKit-specific commitments. In line with Apple's HealthKit requirements, we confirm that:

Data obtained via HealthKit is never used for advertising or other data-mining purposes beyond improving your health, fitness, or research uses you have consented to.
Data obtained via HealthKit is never sold or shared with third parties for advertising or marketing.
Data obtained via HealthKit is never disclosed to anyone without your explicit consent.
HealthKit data stays on your device. It is not transmitted to our servers (we operate none) or to any third-party API listed in this policy.

4. Analytics and Diagnostics

The App uses two services to understand product usage and to diagnose technical issues:

PostHog (hosted in the European Union) for product analytics, such as which features are opened and which screens are visited.
Firebase Crashlytics for crash reports and diagnostic information when the App misbehaves.
Firebase Remote Config for fetching non-personal configuration values (such as which AI prompt template is active). No user data is sent to Remote Config.

All analytics and diagnostic data is associated only with the anonymous identifiers described in Section 2. No name, date of birth, email, meal content, photos, or health data is included in analytics or crash events.

You can turn this off. Analytics and crash reporting can both be disabled at any time from Profile → Analytics inside the App. When you disable the toggle, PostHog stops capturing events and Firebase Crashlytics stops collecting crash reports on your device.

The App does not perform app-wide tracking of your behaviour, does not link any data to data collected by other companies' apps or websites, and does not share analytics data with advertisers or data brokers.

5. Purchases

In-app purchases and subscriptions are processed through Apple's App Store or Google Play. We use RevenueCat to manage subscription status and entitlements. RevenueCat receives an anonymous app-level user identifier and the purchase metadata returned by the store; it does not receive your name, date of birth, email, or payment details. We do not see or store your payment details. See the RevenueCat Privacy Policy.

6. Notifications

The App can send local notifications (meal reminders, weekly check-in prompts) if you enable them. These notifications are generated entirely on your device. No data is sent to any external push notification service.

7. Camera and Photo Library

The App requests access to your camera for barcode scanning and meal photos, and to your photo library for selecting existing images. Photos you take or select are stored locally within the App. They are only sent externally if you use the AI nutrition estimation feature (see Section 3).

8. Children's Privacy

The App is not directed at children under 13 and is rated for users aged 16 and over. We do not knowingly collect data from children. If you are a parent or guardian and believe a child has used the App, please contact us at the address in Section 13 and we will assist you with deleting any data on the device.

9. Data Retention and Deletion

Since your personal data is stored locally on your device:

Deleting the App removes all locally stored data, including your database, photos, and preferences.
Within the App, you can delete individual meals, photos, check-ins, and other records at any time.
To request deletion of any data sent to third-party services (Gemini via Firebase AI Logic, PostHog analytics, Firebase Crashlytics, RevenueCat), email us at the address in Section 13 and we will work with you to identify and delete the relevant records. Because these services only ever see an anonymous identifier, no personal information is needed to make the request.

Data previously sent to third-party APIs is otherwise subject to those services' respective retention policies, linked throughout this policy.

10. Your Rights

Depending on where you live (for example under the UK GDPR, EU GDPR, or California Consumer Privacy Act), you may have the right to access, correct, delete, restrict, or object to processing of your personal information, and the right to data portability. Because the App stores your personal data locally on your device, you can exercise most of these rights directly inside the App. For data held by third-party services, contact us at the address in Section 13 and we will help you exercise these rights.

11. Security

Your data is stored in the App's private sandboxed storage, which is protected by your device's operating system. We do not transmit data over unencrypted connections - all third-party API communication uses HTTPS.

12. Changes to This Policy

We may update this policy from time to time. Material changes will be noted with a revised effective date at the top of this page. Continued use of the App after changes constitutes acceptance of the updated policy.

13. Contact

If you have questions about this policy or your data, or wish to exercise any of the rights described in Section 10, you can reach us at:

kelvinharron+peckapp@gmail.com